Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
File: bba6d1fd-8b29-4481-a568-7018abbd9103.roa (raw, json)
Hash identifier: aSO0YLeA5cjd7s4UV+7OjDTiJcUwinwgcZIeKYbXg/U=
Subject key identifier: CB:C7:31:83:C3:9A:AB:0F:93:0E:2F:D5:87:D4:E8:0B:AE:84:3F:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 13C6091871148DC26D3ED6B1B9E85E646FBCA27B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
Signing time: Sat 28 Feb 2026 06:20:06 +0000
ROA not before: Sat 28 Feb 2026 06:20:06 +0000
ROA not after: Fri 29 May 2026 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:9080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 02 Mar 2026 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:c6:09:18:71:14:8d:c2:6d:3e:d6:b1:b9:e8:5e:64:6f:bc:a2:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 28 06:20:06 2026 GMT
Not After : May 29 23:59:59 2026 GMT
Subject: serialNumber=954fed088b0a0fef84622c7424f5990d0fd176c2d104abab19b9a40301a0d96c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:62:11:1f:c1:30:11:a0:ab:cd:9d:00:1f:
c3:e0:90:e3:ec:3f:0c:92:ca:fb:04:de:ce:d8:ff:
1e:9d:56:25:fe:6e:be:b9:f9:be:78:54:40:0a:fc:
e9:19:50:ea:ee:80:96:a1:7a:b9:7c:5d:04:15:f4:
9a:62:50:6b:2c:e0:9b:47:26:e3:78:7e:e4:a8:a3:
7d:6e:59:d1:07:86:a0:fd:85:dd:05:47:ad:17:35:
fb:cd:fe:2a:de:aa:c6:6f:1c:95:21:8e:eb:28:39:
09:15:30:4e:3f:6b:b1:be:b4:1b:b6:dd:9c:4b:b2:
5a:a2:2d:de:cc:db:9c:2c:08:08:09:82:53:1e:ec:
02:cc:98:4c:5f:ca:0c:8d:31:47:a3:03:81:02:01:
dd:3c:bf:3a:91:6c:53:1b:bf:38:3a:24:fc:a1:29:
c6:ed:35:a5:26:16:d4:a1:59:3a:ea:a9:ce:c2:11:
cf:ba:21:d4:4a:37:8c:fa:d5:4c:fe:da:59:3a:2d:
97:aa:79:5d:fd:48:b2:55:b2:45:82:c8:89:bf:ee:
ec:0b:25:71:d4:5d:7a:24:4e:0f:cc:3a:f9:fa:ae:
d9:88:1c:b0:bb:38:8a:d1:38:cc:40:3b:07:29:f6:
81:b5:4b:17:84:c4:95:83:b7:8e:b7:9e:61:95:91:
7b:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:C7:31:83:C3:9A:AB:0F:93:0E:2F:D5:87:D4:E8:0B:AE:84:3F:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bba6d1fd-8b29-4481-a568-7018abbd9103.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:9080::/48
Signature Algorithm: sha256WithRSAEncryption
a5:19:ec:da:cc:2c:0f:7c:c6:bb:a5:42:a0:ba:51:39:fd:fe:
be:77:1b:36:36:80:e5:5e:a4:96:a6:43:86:08:4f:1c:9f:29:
fe:d0:bc:97:70:5e:1d:cd:56:94:55:82:e4:95:14:84:f6:c8:
9b:d1:c6:fe:f6:b2:d6:ab:a9:c4:8a:fb:62:b5:08:f5:eb:ad:
64:f7:a3:32:e3:b8:c9:5e:21:7b:dd:62:0a:ea:bf:11:54:17:
84:69:0c:17:d0:ad:25:0c:45:c2:00:5f:f5:98:19:dd:16:b5:
d9:94:cb:f6:38:d9:42:a9:97:8f:cf:02:b2:95:6b:eb:47:2b:
58:73:50:83:a4:2a:9b:27:e4:18:9b:c8:67:98:bb:9a:38:38:
c8:9d:52:ed:38:3b:41:7a:cb:b8:8f:d4:07:bf:c7:86:d3:c9:
5a:7e:12:2a:d4:34:de:62:5c:51:0a:ec:6e:25:88:9d:2d:9c:
d8:43:27:05:dd:0d:c8:cf:42:71:3f:b0:e1:e0:61:a1:bf:0a:
c5:cb:f8:35:06:fe:40:4c:c0:61:08:d0:c2:86:5d:95:d0:47:
41:16:15:95:3a:d0:27:66:ee:63:86:eb:46:da:68:82:97:bf:
03:63:84:91:0f:18:da:74:5b:da:ec:77:65:96:86:2e:4e:ca:
78:81:00:b9
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUE8YJGHEUjcJtPtaxueheZG+8onswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNjAyMjgwNjIwMDZaFw0yNjA1MjkyMzU5NTlaMHoxSTBHBgNV
BAUTQDk1NGZlZDA4OGIwYTBmZWY4NDYyMmM3NDI0ZjU5OTBkMGZkMTc2YzJkMTA0
YWJhYjE5YjlhNDAzMDFhMGQ5NmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKc0YhEfwTARoKvNnQAfw+CQ4+w/DJLK+wTeztj/Hp1WJf5uvrn5vnhUQAr8
6RlQ6u6AlqF6uXxdBBX0mmJQayzgm0cm43h+5KijfW5Z0QeGoP2F3QVHrRc1+83+
Kt6qxm8clSGO6yg5CRUwTj9rsb60G7bdnEuyWqIt3szbnCwICAmCUx7sAsyYTF/K
DI0xR6MDgQIB3Ty/OpFsUxu/ODok/KEpxu01pSYW1KFZOuqpzsIRz7oh1Eo3jPrV
TP7aWTotl6p5Xf1IslWyRYLIib/u7AslcdRdeiROD8w6+fqu2YgcsLs4itE4zEA7
Byn2gbVLF4TElYO3jreeYZWRe5ECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTLxzGD
w5qrD5MOL9WH1OgLroQ/3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmJhNmQxZmQtOGIyOS00NDgxLWE1NjgtNzAxOGFiYmQ5MTAzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HKQ
gDANBgkqhkiG9w0BAQsFAAOCAQEApRns2swsD3zGu6VCoLpROf3+vncbNjaA5V6k
lqZDhghPHJ8p/tC8l3BeHc1WlFWC5JUUhPbIm9HG/vay1qupxIr7YrUI9eutZPej
MuO4yV4he91iCuq/EVQXhGkMF9CtJQxFwgBf9ZgZ3Ra12ZTL9jjZQqmXj88CspVr
60crWHNQg6QqmyfkGJvIZ5i7mjg4yJ1S7Tg7QXrLuI/UB7/HhtPJWn4SKtQ03mJc
UQrsbiWInS2c2EMnBd0NyM9CcT+w4eBhob8Kxcv4NQb+QEzAYQjQwoZdldBHQRYV
lTrQJ2buY4brRtpogpe/A2OEkQ8Y2nRb2ux3ZZaGLk7KeIEAuQ==
-----END CERTIFICATE-----
Generated at Sun Mar 1 21:51:33 2026 by rpki-client